--- a/plugins/s2s/mod_s2s.lua	Sat Apr 28 16:29:00 2012 +0100
+++ b/plugins/s2s/mod_s2s.lua	Sat Apr 28 08:35:34 2012 -0700
@@ -134,6 +134,9 @@
 		-- Is there any interest in printing out all/the number of errors here?
 		if not chain_valid then
 			(session.log or log)("debug", "certificate chain validation result: invalid");
+			for depth, t in ipairs(errors) do
+				(session.log or log)("debug", "certificate error(s) at depth %d: %s", depth-1, table.concat(t, ", "))
+			end
 			session.cert_chain_status = "invalid";
 		else
 			(session.log or log)("debug", "certificate chain validation result: valid");